For a host of reasons, numerous individuals and organizations are actively engaged on a daily basis in sending malicious, automated traffic to web pages and other internet destinations, and making that traffic appear as if it that traffic is human and not automated. For example, the vast majority of revenue presently derived from Internet traffic results from paid advertising. Companies and individuals pay for the placement of advertisements on the Internet where they may be seen and interacted with by people who may be interested in learning about and purchasing their products. Given that these advertising interactions take place electronically and at a distance, it is possible for those interested in capturing some portion of the revenue spent on Internet advertising to employ automated software agents to defraud those paying for the advertising. This is done by making it appear as if advertisements have been viewed by humans who may be interested in a given product, where, in reality, a given advertisement has only been viewed or interacted with by malicious software, which exists only for the purpose of committing such acts of fraud.
Currently, there exist passive systems and methods which detect automation, or bot, differentials such as, for example, whether all content is loaded, or whether request rates match legitimate browsers. Detection of these differentials is helpful from a networking hardware perspective—one can implement the system on a network, interfere with nothing, and recover data. This data, however, is not necessarily high quality because, for example, legitimate human users might have unusual access patterns, caching layers prevents requests like automated bots might, and most importantly, bots are increasingly becoming full browsers thus matching many of these passive metrics quite frequently.